The Supreme Court has emphasized that banks must take responsibility for safeguarding their customers from unauthorized transactions. It also urged account holders to remain vigilant and avoid sharing sensitive information such as OTPs (One-Time Passwords) with third parties.
SBI Held Liable for Fraudulent Transactions
In a recent ruling, the Supreme Court upheld the liability of the State Bank of India (SBI) for unauthorized transactions reported by a customer. The Court highlighted that banks should utilize advanced technology to detect and prevent fraud.
The case involved unauthorized transactions amounting to ₹94,204.80 from the account of a customer (Respondent No.1) after they received a fraudulent call while attempting to return an online purchase. The fraudster, posing as customer care for the retailer, instructed the customer to download a mobile app, leading to the transactions.
Court Rejects SBI’s Defense
SBI denied liability, arguing that the customer had shared OTPs and M-PINs, making the transactions authorized. However, the customer claimed they never shared such information and alleged that the fraud stemmed from a data breach on the retailer’s website.
Both the Single Bench and the Division Bench of the Gauhati High Court held SBI liable and directed the bank to refund the defrauded amount. The High Court referred to the Reserve Bank of India’s (RBI) guidelines from a circular dated July 6, 2017, which impose “zero liability” on customers for unauthorized transactions caused by third-party data breaches if reported promptly.
Supreme Court Upholds High Court’s Decision
SBI appealed the High Court’s decision to the Supreme Court. However, the Supreme Court dismissed the appeal, noting that the fraudulent transactions were reported within 24 hours, meeting the criteria for zero liability under RBI guidelines.
The bench, comprising Justices JB Pardiwala and R Mahadevan, observed:
- “The Bank has the best technology available today to detect and prevent such unauthorized and fraudulent transactions.”
- “We also take notice of the fact that within 24 hours of the fraudulent transaction, the customer brought it to the notice of the Bank.”
Responsibility of Customers and Banks
While holding SBI accountable, the Court also stressed the importance of customer vigilance. It stated that account holders must ensure OTPs and passwords are not shared with anyone, as negligence on their part could make them liable in certain situations.
Conclusion
The Supreme Court’s ruling reaffirms the importance of customer protection in the banking sector. It also underscores the shared responsibility of both banks and customers in preventing fraudulent transactions.
